@@ -231,6 +231,11 @@ function upgrade_kayobe_venv {
231231
232232# Deployment
233233
234+ function is_compute_libvirt_enabled {
235+ compute_libvirt_enabled=$( kayobe configuration dump --host localhost --var-name compute_libvirt_enabled)
236+ to_bool " $compute_libvirt_enabled "
237+ }
238+
234239function is_deploy_image_built_locally {
235240 ipa_build_images=$( kayobe configuration dump --host localhost --var-name ipa_build_images)
236241 to_bool " $ipa_build_images "
@@ -431,26 +436,23 @@ function overcloud_deploy {
431436
432437 control_host_bootstrap
433438
439+ # NOTE(mgoddard): There is a chicken and egg when generating libvirt TLS
440+ # certificates using the kolla-ansible certificates command, and host
441+ # libvirt. The certificates command needs to be able to gather facts for
442+ # all hosts, but if the host configure step hasn't been run, we don't have
443+ # SSH or the kolla user configured yet. However, we can't run host
444+ # configure without the libvirt TLS certificates.
445+ # Workaround: skip libvirt-host tag until later
446+ echo " Configuring the controller host"
447+ run_kayobe overcloud host configure --skip-tags libvirt-host
448+
434449 if [[ ${KAYOBE_OVERCLOUD_GENERATE_CERTIFICATES} = 1 ]]; then
435450 echo " Generate TLS certificates"
436451 run_kayobe playbook run $KAYOBE_SOURCE_PATH /ansible/kolla-ansible.yml -t config
437- # NOTE(mgoddard): There is a chicken and egg when generating libvirt
438- # TLS certificates using the kolla-ansible certificates command, and
439- # host libvirt. The certificates command needs to be able to gather
440- # facts for all hosts, but since the host configure step hasn't been
441- # run, we don't have SSH or the kolla user configured yet. However, we
442- # can't run host configure without the libvirt TLS certificates.
443- # Workaround: add the host to SSH known hosts and SSH as $USER.
444- run_kayobe playbook run $KAYOBE_SOURCE_PATH /ansible/ssh-known-host.yml -l overcloud
445-
446- # Avoid populating the fact cache with this weird setup.
447- export ANSIBLE_CACHE_PLUGIN=memory
452+
448453 run_kayobe kolla ansible run certificates \
449454 --kolla-extra kolla_certificates_dir=${KAYOBE_CONFIG_PATH} /kolla/certificates \
450- --kolla-extra ansible_user=$USER \
451- --kolla-extra ansible_python_interpreter=/usr/bin/python3 \
452455 --skip-tags kolla-openstack
453- unset ANSIBLE_CACHE_PLUGIN
454456
455457 # Add CA cert to trust store.
456458 ca_cert=${KAYOBE_CONFIG_PATH} /kolla/certificates/ca/root.crt
@@ -465,8 +467,10 @@ function overcloud_deploy {
465467 fi
466468 fi
467469
468- echo " Configuring the controller host"
469- run_kayobe overcloud host configure
470+ if is_compute_libvirt_enabled; then
471+ echo " Configuring libvirt daemon"
472+ run_kayobe overcloud host configure --tags libvirt-host
473+ fi
470474
471475 # FIXME(mgoddard): Perform host upgrade workarounds to ensure hostname
472476 # resolves to IP address of API interface for RabbitMQ. This seems to be
0 commit comments